1. Field of the Invention
The present invention relates to an electronic authentication method for authenticating the user of a communication line and a system therefor.
2. Description of the Related Art
Ciphering key methods have been widely used for authenticating the user of a communication line. Well known ciphering key methods include private key methods such as the Data Encryption Standard (DES), Fast Data Encipherment Algorithm (FEAL), RC-2, RC-4, and RC-5 methods, and public key methods such as the Rivest-Shamir-Adleman (RSA) method. The Secure Socket Layer (SSL) method, which performs encryption at a certain layer in a communication protocol, is also well known. In addition to these methods, which encrypt transmission information, a method has been proposed in which authentication is performed by sending specified information or random-number information from a physical information medium unique to the user, such as a memory card.
In the conventional methods described above, encryption/response communication of information required for authentication may be monitored and decrypted by a third party. Therefore, authentication of the specified user cannot be positively performed.
The present invention is made in order to solve the above-described problems in the conventional methods. Accordingly, it is an object of the present invention to provide an electronic authentication method which can positively authenticate the specified user even if communicated information is monitored by a third party and authentication information/response information/a response method is decrypted, and a system therefor.
The foregoing objects are achieved according to one aspect of the present invention through the provision of an electronic authentication method including the steps of: (1) inputting information sent from an information source connected to a user's terminal through a communication line into a physical information medium unique to each owner; (2) sending response information output from the information medium to the information source; and (3) verifying the response information output from the information medium in the information source.
The foregoing objects are also achieved according to another aspect of the present invention through the provision of an electronic authentication method including the steps of: (1) inputting information sent from an authentication source required to perform authentication by an information source connected to a user's terminal through a communication line into a physical information medium unique to each owner; (2) sending response information output from the information medium to the authentication source; and (3) verifying the response information output from the information medium in the authentication source.
The foregoing objects are also achieved according to still another aspect of the present invention through the provision of an electronic authentication system including: (1) an information source connected to a user's terminal through a communication line; and (2) a physical information medium which is unique to each owner and to which information sent from the information source is input; (3) wherein response information output from the information medium is sent to the information source; and (4) the response information output from the information medium is verified in the information source for authentication.
The foregoing objects are also achieved according to yet another aspect of the present invention through the provision of an electronic authentication system including: (1) an information source connected to a user's terminal through a communication line; (2) a physical information medium which is unique to each owner and to which information sent from the information source is input; and (3) an authentication source connected to the user's terminal and the information source through communication means, wherein (4) response information output from the information medium is sent to the authentication source and is verified for authentication.
The foregoing objects are also achieved according to a further aspect of the present invention through the provision of an electronic authentication method including: (1) a first sending step for sending authentication information from an information source terminal to a user's terminal; (2) an input step for inputting the authentication information received by the user's terminal into an information medium loaded to the user's terminal; (3) a calling step for calling response information from the information medium to the user's terminal according to the previously input authentication information; (4) a second sending step for sending the response information from the user's terminal to the information source terminal; (5) a determination step for determining whether the response information received by the information source terminal is valid according to a correspondence table of authentication information stored in storage means of the information source terminal and the response information; and (6) a decision step for deciding according to the result of the determination whether the information source terminal permits access from the user's terminal.
The foregoing objects are also achieved according to a still further aspect of the present invention through the provision of an electronic authentication method including: (1) a first sending step for sending authentication-request information for a user's terminal from an information source terminal to an authentication terminal; (2) a second sending step for sending authentication information from the authentication terminal to the user's terminal; (3) an input step for inputting the authentication information received by the user's terminal into an information medium loaded into the user's terminal; (4) a calling step for calling response information from the information medium to the user's terminal according to the previously input authentication information; (5) a third sending step for sending the response information from the user's terminal to the authentication terminal; (6) a determination step for determining whether the response information received by the authentication terminal is valid according to a correspondence table of authentication information stored in storage means of the authentication terminal and the response information; (7) a fourth sending step for sending the result of the determination from the authentication terminal to the information source terminal; and (8) a decision step for deciding according to the result of the determination whether the information source terminal permits access from the user's terminal.
The foregoing objects are also achieved according to yet a further aspect of the present invention through the provision of an electronic authentication system including an information source terminal and a user's terminal, the information source terminal including: (1) a first sending unit for sending authentication information to the user's terminal; (2) a storage unit for storing a correspondence table of authentication information and response information; (3) a determination unit for determining whether the response information received from the user's terminal is valid according to the correspondence table; and (4) a decision unit for deciding whether access from the user's terminal is permitted according to the result of the determination, and the user's terminal including: (1) a loading unit for loading an information medium; (2) an input unit for inputting the authentication information into an information medium loaded into the loading means; and (3) a second sending unit for sending response information called according to the authentication information input from the information medium, to the information source terminal.
The foregoing objects are also achieved according to an additional aspect of the present invention through the provision of an electronic authentication system including an information source terminal, a user's terminal, and an authentication terminal, the information source terminal including: (1) a first sending unit for sending authentication-request information for the user's terminal to the authentication terminal; and (2) a decision unit for deciding whether the information source terminal permits access from the user's terminal according to the result of the determination of whether the response information of the user's terminal received from the authentication terminal is valid, the authentication terminal including: (1) a second sending unit for sending authentication information to the user's terminal; (2) storage means for storing a correspondence table of authentication information and response information; (3) a determination unit for determining whether the response information received from the user's terminal is valid according to the correspondence table; and (4) a third sending unit for sending the result of the determination to the information source terminal, and the user's terminal including: (1) a loading unit for loading an information medium; (2) an input unit for inputting the authentication information into an information medium loaded into the loading means; and (3) a fourth sending unit for sending response information called according to the authentication information input from the information medium, to the authentication terminal.
The foregoing objects are also achieved according to a still additional aspect of the present invention through the provision of a storage medium storing a program for executing, in a computer, the steps including: (1) sending authentication information from an information source terminal to a user's terminal; (2) inputting the authentication information received by the user's terminal into an information medium loaded to the user's terminal; (3) calling response information from the information medium to the user's terminal according to the previously input authentication information; (4) sending the response information from the user's terminal to the information source terminal; (5) determining whether the response information received by the information source terminal is valid according to a correspondence table of authentication information stored in storage means of the information source terminal and the response information; and (6) deciding according to the result of the determination whether the information source terminal permits access from the user's terminal.
The foregoing objects are also achieved according to yet an additional aspect of the present invention through the provision of a storage medium storing a program for executing, in a computer, the steps including: (1) sending authentication-request information for a user's terminal from an information source terminal to an authentication terminal; (2) sending authentication information from the authentication terminal to the user's terminal; (3) inputting the authentication information received by the user's terminal into an information medium loaded to the user's terminal; (4) calling response information from the information medium to the user's terminal according to the previously input authentication information; (5) sending the response information from the user's terminal to the authentication terminal; (6) determining whether the response information received by the authentication terminal is valid according to a correspondence table of authentication information stored in storage means of the authentication terminal and the response information; (7) sending the result of the determination from the authentication terminal to the information source terminal; and (8) deciding according to the result of the determination whether the information source terminal permits access from the user's terminal.
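The six-step and eight-step exchanges described above can be sketched as follows; this is an added illustration, not code from the patent. The names `make_table`, `InformationMedium`, `Verifier` and `request_access` are hypothetical, the table contents are constructed random values, and the rule that each table entry is issued only once is an assumption made here so that a monitored authentication/response pair cannot be replayed.

```python
import hmac
import secrets

def make_table(entries=8):
    # Constructed correspondence table: authentication info -> response info.
    return {secrets.token_hex(8): secrets.token_hex(8) for _ in range(entries)}

class InformationMedium:
    """Medium unique to its owner, loaded into the user's terminal."""
    def __init__(self, table):
        self._table = dict(table)

    def call_response(self, auth_info):
        # Input step and calling step: unknown input yields an empty response.
        return self._table.get(auth_info, "")

class Verifier:
    """Holder of the correspondence table: the information source terminal in
    the six-step method, the authentication terminal in the eight-step one."""
    def __init__(self, table):
        self._unused = dict(table)
        self._pending = {}

    def send_auth_info(self, user):
        # Assumption (not stated on the page): each entry is issued only once.
        if not self._unused:
            raise RuntimeError("correspondence table exhausted")
        auth_info = secrets.choice(list(self._unused))
        self._pending[user] = self._unused.pop(auth_info)
        return auth_info

    def determine(self, user, response):
        # Determination step: one attempt per issued entry, constant-time compare.
        expected = self._pending.pop(user, None)
        if expected is None:
            return False
        return hmac.compare_digest(expected.encode(), response.encode())

def request_access(verifier, user, respond, wire):
    """Information source side: returns the access decision. `wire` records
    everything a third party monitoring the line would see."""
    auth_info = verifier.send_auth_info(user)
    response = respond(auth_info)
    wire.append((auth_info, response))
    return verifier.determine(user, response)  # decision follows the determination
```

Passing a `Verifier` that lives on a separate authentication terminal gives the eight-step variant: the information source only receives the boolean result and never holds the table.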